package com.dayang.controllor;

import java.net.URISyntaxException;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuer;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.issuer.UUIDValueGenerator;
import org.apache.oltu.oauth2.as.request.OAuthTokenRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.springframework.http.HttpEntity;
import org.springframework.http.ResponseEntity;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.dayang.service.OAuthService;
import com.dayang.util.Constants;




@RestController
public class AccessTokenController {
	
	@Resource 
	private OAuthService oAuthService;  
	
	@RequestMapping("/accessToken")  
	  public HttpEntity token(HttpServletRequest request)  
	          throws URISyntaxException, OAuthSystemException {  
	    try {  
	      //构建OAuth请求 
	      OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);  
	  
	      //检查提交的客户端id是否正确  
	      if (!oAuthService.checkClientId(oauthRequest.getClientId())) {  
	        OAuthResponse response = OAuthASResponse  
	                .errorResponse(HttpServletResponse.SC_BAD_REQUEST)  
	                .setError(OAuthError.TokenResponse.INVALID_CLIENT)  
	                .setErrorDescription(Constants.INVALID_CLIENT_DESCRIPTION)
	                .buildJSONMessage();  
	       return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));  
	      }  
	  
	    // 检查客户端安全KEY是否正确  
	      if (!oAuthService.checkClientSecret(oauthRequest.getClientSecret())) {  
	        OAuthResponse response = OAuthASResponse  
	        		
	              .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)  
	              .setError(OAuthError.TokenResponse.UNAUTHORIZED_CLIENT)  
	              .setErrorDescription(Constants.INVALID_CLIENT_DESCRIPTION) 
	              .buildJSONMessage();  
	      return new ResponseEntity(  
	          response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));  
	      }  
	    
	      String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);  
	      // 检查验证类型，此处只检查AUTHORIZATION_CODE类型，其他的还有PASSWORD或REFRESH_TOKEN  
	      if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(  
	         GrantType.AUTHORIZATION_CODE.toString())) {  
	         if (!oAuthService.checkAuthCode(authCode)) {  
	            OAuthResponse response = OAuthASResponse  
	                .errorResponse(HttpServletResponse.SC_BAD_REQUEST)  
	                .setError(OAuthError.TokenResponse.INVALID_GRANT)  
	                .setErrorDescription("错误的授权码")  
	              .buildJSONMessage();  
	           return new ResponseEntity(  
	             response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));  
	         }  
	      }  
	       //刷新token方式未实现
	      if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(  
	 	         GrantType.REFRESH_TOKEN.toString())) {  
	 	      
	    	  
	    	  
	    	  
	    	  
	    	  
	 	      }  
	      //生成Access Token  
	      OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new UUIDValueGenerator());  
	      final String accessToken = oauthIssuerImpl.accessToken();  
	      final String  refreshToken  = oauthIssuerImpl.refreshToken();
	      oAuthService.addAccessToken(accessToken,  
	      oAuthService.getUsernameByAuthCode(authCode));  
	    //  oAuthService.addRefreshToken(refreshToken, oAuthService.getUsernameByAuthCode(authCode));
	  
	      //生成OAuth响应  
	      OAuthResponse response = OAuthASResponse  
	              .tokenResponse(HttpServletResponse.SC_OK)  
	              .setAccessToken(accessToken)  
	              .setRefreshToken(refreshToken)
	              .setExpiresIn(String.valueOf(oAuthService.getExpireIn()))  
	              .buildJSONMessage();  
	  
	      //根据OAuthResponse生成ResponseEntity  
	      return new ResponseEntity(  
	          response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));  
	    } catch (OAuthProblemException e) {  
	      //构建错误响应  
	      OAuthResponse res = OAuthASResponse  
	              .errorResponse(HttpServletResponse.SC_BAD_REQUEST).error(e)  
	              .buildJSONMessage();  
	     return new ResponseEntity(res.getBody(), HttpStatus.valueOf(res.getResponseStatus()));  
	   }  
	 }  
	}   
